osc.open_ondemand

Panoramica Versioni Approfondimenti

Open OnDemand Ansible Role

Molecule Tests

This Ansible role sets up and configures Open OnDemand on different Linux systems.

Table of Contents

Version Compatibility

The versioning of this role will mostly match the versions of Open OnDemand that it installs. The major and minor versions of this role will work with the same major and minor versions of Open OnDemand. Patch versions of this role will also be compatible with the corresponding Open OnDemand version but will include bug fixes or enhancements.

For example, version 1.8.0 of this role will work with Open OnDemand version 1.8.x (currently 1.8.20). Version 1.8.1 will install Open OnDemand 1.8.20 but may include bug fixes or new features.

Supported Operating Systems

  • CentOS
  • Debian
  • Fedora
  • RedHat
  • Rocky Linux
  • Suse
  • Ubuntu 18
  • Ubuntu 20

Installing a Specific Version

The ondemand_package variable controls which version of the package is installed. By default, it installs the latest version without upgrading an existing installation. To install a specific version, use its full package name (e.g., ondemand-3.0.3) or use operators supported by Ansible’s yum or apt. Use latest to upgrade.

Installing from Latest or Nightly

To install from our latest or nightly repositories, change the rpm_repo_url setting to the correct RPM link (e.g., 'https://yum.osc.edu/ondemand/latest/ondemand-release-web-latest-1-6.noarch.rpm'). Make sure to check yum for the correct RPM version.

When installing from these repositories, you might need to exclude some packages based on the project's status. For instance, when developing version 2.1, you would need to exclude 2.0 packages.

Use ondemand_package_excludes to list packages to exclude. Example to exclude all 2.1 packages while installing 2.0.20:

ondemand_package: 'ondemand-2.0.20'
ondemand_package_excludes:
  - '*-2.1'

Tags

This role includes tags to run specific tasks:

  • configure - Configures Open OnDemand and applications
  • install - Installs Open OnDemand and applications
  • deps - Installs dependencies (only for building from source)
  • build - Builds the source code (only for building from source)

Overrides

The defaults directory has configuration options organized by the type of file they apply to, useful for building from source or installation.

Check these files for variables you can change. Save overrides in a file and use [email protected] to apply.

Default files are grouped by purpose. Some files only contain comments for documentation and are excluded for Ansible 2.9.X compatibility.

  • .apps.yml - App installation configurations (empty, so hidden).
  • build.yml - Source build configurations.
  • install.yml - OnDemand installation configurations.
  • nginx_stage.yml - Configurations for /etc/ood/config/nginx_stage.yml
  • .ondemand.yml - Configurations for /etc/ood/config/ondemand.d/ondemand.yml (hidden, empty).
  • ood_portal.yml - Configurations for /etc/ood/config/ood_portal.yml

Managing Clusters and Apps

These variables allow for customization and configuration of Open OnDemand.

Clusters

This option writes to /etc/ood/config/clusters.d/<cluster_key>.yml for each item in the dictionary. Each item is a multiline string.

Example:

clusters:
  my_cluster: |
    ---
    v2:
      metadata:
        title: my_cluster
      login:
        host: my_host
      job:
        adapter: slurm
        bin: /usr/local
      batch_connect:
        basic:
          script_wrapper: "module restore\n%s"
  another_cluster: |
    ---
    v2:
      metadata:
        title: Another Cluster

Creates files /etc/ood/config/clusters.d/my_cluster.yml and /etc/ood/config/clusters.d/another_cluster.yml.

my_cluster.yml
v2:
  metadata:
    title: my_cluster
  ...
another_cluster.yml
v2:
  metadata:
    title: Another Cluster

For more info, visit Open OnDemand documentation and Cluster Config Schema v2.

Install Apps

This setting installs applications from custom repositories into the app directory (default or specified). It accepts a dictionary similar to the git module.

Example:

ood_install_apps:
  jupyter:
    repo: https://github.com/OSC/bc_example_jupyter.git
    dest: "{{ ood_sys_app_dir }}"  # defaults (optional)
    version: master                # defaults (optional)
  customdir: # Will create /var/www/ood/apps/my/dir/customdir
    repo: https://github.com/OSC/bc_example_rstudio
    dest: /var/www/ood/apps/my/dir
    version: v1.0.1

App Configurations

This allows you to set up the bc_desktop application and create environment files for other apps.

For straightforward cases, provide an env key to write key-value pairs in an env file.

For the bc_desktop, it generates a <cluster>.yml file and a submit.yml.erb file from the content of submit key.

Example:

ood_apps:
  bc_desktop:
    title: "xfce desktop"
    cluster: "my_cluster"
    form:
      - desktop
      - hours
    attributes:
      hours:
        value: 1
      desktop: "xfce"
    submit: |
      ---
      script:
        native:
          - "-t"
          - "<%= '%02d:00:00' % hours %>"
  files:
    env:
      ood_shell: /bin/bash

Produces:

/etc/ood/config
└── apps
    ├── bc_desktop
    │   ├── my_cluster.yml
    │   └── submit
    │       └── submit.yml.erb
    └── files
        └── env

The env file will have:

$ cat /etc/ood/config/apps/files/env
OOD_SHELL=/bin/bash

The submit directory contains submit.yml.erb with raw string data for configuration.

Open ID Connect

To configure Apache for Open ID Connect, you can use two methods:

  1. Use the ood_auth_openidc dictionary to create a separate config file for OIDC settings.
  2. Use oidc_* variables to have the ood-portal-generator write OIDC configs directly into the ood-portal.conf file.

Example for ood_auth_openidc:

ood_auth_openidc:
  OIDCSessionMaxDuration: 28888
  OIDCClientID: myid
  OIDCProviderMetadataURL: https://localhost/
  OIDCCryptoPassphrase: mycryptopass
  "LDAPTrustedGlobalCert CA_BASE64": /etc/ssl/my/cert/path

default_auth_openidc:
  OIDCRedirectURI: "https://{{ servername }}{{ oidc_uri }}"
  OIDCSessionInactivityTimeout: 28800
  OIDCSessionMaxDuration: 28800
  OIDCRemoteUserClaim: preferred_username
  OIDCPassClaimsAs: environment
  OIDCStripCookies: mod_auth_openidc_session mod_auth_openidc_session_chunks mod_auth_openidc_session_0 mod_auth_openidc_session_1

This creates an auth_openidc.conf file that merges your settings with defaults and overrides them where specified.

Installing Dex

To install Dex for OIDC, set the flag install_ondemand_dex to true, and it will handle the installation.

Contributing

If you experience any issues, have feature suggestions, or fixed something, we want to hear from you! Pull requests are welcome! Don't hesitate to open a ticket for questions.

Informazioni sul progetto

Installs and configures Open OnDemand on various Linux distributions.

role hpc supercomputing gateway portal
Installa
ansible-galaxy install osc.open_ondemand
GitHub repository
33 stelle
34 fork
52 problemi aperti
Licenza
mit
Download
2.7k
Proprietario
Ohio Supercomputer Center
The Ohio Supercomputer Center located in Columbus, Ohio in the USA.